<?php
include('libary/init_index.php');
if ((isset($_GET['song'])) && (isset($_GET['code'])))
{
    if (md5($_GET['song'].'agbhjkliopsjweqwl')==$_GET['code'])
    {
	   $cmd="SELECT * FROM `media` WHERE media_md5='".$_GET['song']."'";
	   $info=mysql_fetch_assoc(mysql_query($cmd));
	   $name=$info['media_link'];  
       if ((substr($name,strlen($name)-4,4)=='.mp3') || (substr($name,strlen($name)-4,4)=='.MP3') || (substr($name,strlen($name)-4,4)=='.wma'))
	   $linkmedia='http://cailuongso.com/data/'.$info['media_link']; else
	   $linkmedia=$info['media_link'];
	   echo '<?xml version="1.0" encoding="utf-8"?><playlist version="1" xmlns="http://xspf.org/ns/0/"><tracklist><track><title> Trình bày : '.decode($info['media_artist']).'</title><creator>Bài hát : '.$info['media_name'].'</creator>
		<location>'.$linkmedia.'</location><info></info><image>http://beta.cailuongso.com/media/adv/flashadv.swf</image></track></tracklist></playlist>';
    } else header('location:/');	
} else 
if ((isset($_GET['album'])) && (isset($_GET['code'])))
{
    if (md5($_GET['album'].'agbhjkliopsjweqwl')==$_GET['code'])
    {
	   $cmd="SELECT * FROM `album` WHERE album_md5='".$_GET['album']."'";
	   $info=mysql_fetch_assoc(mysql_query($cmd));
       echo '<?xml version="1.0" encoding="utf-8"?><playlist ><tracklist>';
	   $cmd="SELECT * FROM `media` WHERE media_album=".$info['album_id']." ORDER BY media_order";
	   $excute=mysql_query($cmd);
	   while ($info=mysql_fetch_array($excute,MYSQL_ASSOC))
	   {
	   echo '<track><title>'.$info['media_name'].'</title> 
       <annotation></annotation>  
       <location>http://cailuongso.com/data/'.$info['media_link'].'</location> 
       <image></image> 
       </track>';
       }
      echo '</tracklist></playlist>';
    } else header('location:/');	
} else header('location:/');

?>